<?php
error_reporting(0);
session_start();
require 'connect.php';

// username and password sent from form
$myusername = $_POST["myusername"];
$mypassword = $_POST["mypassword"];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$epassword = md5($mypassword);

$sql = "SELECT * FROM $user_table WHERE username='$myusername' and password='$epassword'";
$result = mysql_query($sql);

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if ($count == 1) {
// Register $myusername, $mypassword and redirect to file "login_success.php"
    $_SESSION["myusername"] = $myusername;
    header("location: fourbox.php?folder=Repository/$myusername");
} else {
    header("location: false.php");
}

mysql_close();

//header("location: index.php");
?>